A new study from KPMG has found that 39% of UK CEOs believe a cyber attack on their organisation is inevitable. This figure is likely a reaction to the upsurge in cyber attacks over the past few years and the increased media attention on data breaches. Cyber security professionals have been repeatedly told that cyber attacks are a case of ‘when’, not ‘if’, so the only surprise is that this figure is so low. Across the rest of the globe, 49% of CEOs say that a cyber attack on their organisation is inevitable.
Defending against attacks – an ISMS
Despite the comparative optimism (or, perhaps, naivety) in the UK, cyber awareness continues to grow. KPMG found that four in ten CEOs of UK organisations believe their business is either well prepared or very well prepared for a cyber attack. This is in part due to the appointment of cyber security specialists and data scientists.
These cyber security specialists will be advising organisations to implement an ISMS (information security management system) in order to help prevent cyber attacks. ISO 27001 is the international standard that describes best practice for an ISMS. Achieving certification to ISO 27001 demonstrates to existing and potential customers that an organisation has defined and put in place best-practice information security measures and processes.
How vsRisk™ helps organisations prepare for ISO 27001 certification
You could invest time, effort and money in designing and deploying – or have a consultant design and deploy – a manual risk assessment methodology. Or save yourself a lot of time (80%) and money by deploying our risk assessment software tool, vsRisk, instead.
- vsRisk, out of the box, provides a robust ISO 27001-compliant risk assessment methodology, and dependably delivers each of our recommended five steps to a successful risk assessment. You don’t need to spend any time on developing your own risk assessment methodology or costly trial and error – you can immediately get to work on the actual risk assessment, which means you get actionable results much sooner.
- You’ll find that you spend more time maintaining your risk assessment than you did setting it up, so it makes sense to lock in future efficiencies from the outset. vsRisk’s robust methodology means that upcoming risk reviews and further risk assessments can be performed quickly, consistently and cost-effectively.
- vsRisk has nearly ten years of development invested in it. It incorporates feedback and experience from hundreds of ISO 27001 risk assessments, and is supported by an ongoing investment and user support programme that regularly brings useful functionality and features to help you continually improve your ISMS.
Suitable for organisations of all sizes, vsRisk is a leading information security risk assessment tool that delivers fast, accurate, auditable and hassle-free risk assessments year after year.
Download our white paper, which describes the five key steps to completing a successful ISO 27001 risk assessment that will form the centre of your ISMS.
For more information on vsRisk and to sign up for a demo, please click here.